Since 2004, a source for ranting, reviews and InfoSec news

Menu

Epsilon Breach will Lead to Phishing Season Security Companies Predict

Over the weekend, email marketing firm Epsilon revealed that it had been hacked and that some of their client customer lists had been stolen.

Names and email addresses were stolen. With the link between your email address and the particular client of Epsilon, it is now much easier to create a targeted phishing email.

Phishing emails are a type of spam that pose as emails from legitimate institutions such as your bank or phone company. When you receive an email regarding issues with your account at “TCF Credit Union” you hit delete. You know it is spam because you don’t have an account there. When they know you have an existing relationship, the attacker can create an email that is much more likely to get past your skepticism.

To protect yourself from phishing attacks
1. Have a good spam filter in place. Either you or your ISP should have a spam filter.
2. Enable your browser-based phishing filter. This is available in most major browsers.
3. Use other URL filters such as BlueCoat K9 is a free effective URL filter.
4. Be aware of how your bank will contact you. Banks will generally not be asking you to log in from an email link.
5. Only use known links and phone numbers. Consider links and phone numbers in email to be very suspicious.
6. If you use Google Mail, enable the “authentication icon for verified senders” Lab.
7. Consider installing Iconix Phishing Protection (for personal computers)
8. Think